Comments 0

Document transcript

Priscilla Lara

Information Security

Professor Hartunian

June 14, 2012

Chapter 6 Review Questions 2&8 Exercise 2

and

Case exercises

1&2

2.TCP (Transmission Control Protocol) is the most commonly used protocol on the Internet. The reasonfor this is because TCP offers error correction. When the TCP protocol is used there is a "guaranteeddelivery." This is due largely in part to a method called "flow control." Flow control determines whendata needs to be re-sent, and stops the flow of data until previous packets are successfully transferred.This works because if a packet of data is sent, a collision may occur. When this happens, the client re-requests the packet from the server until the whole packet is complete and is identical to its original.

UDP (User Datagram Protocol) is anther commonly used protocol on the Internet. However, UDP isnever used to send important data such as webpages,database information; UDP is commonly used forstreaming audio and video. Streaming media such as Windows Media audio files (.WMA), Real Player(.RM), and others use UDP because it offers speed! The reason UDP is faster than TCP is because there isno form

of flow control or error correction. The data sent over the Internet is affected by collisions, anderrors will be present. Remember that UDP is only concerned with speed. This is the main reason whystreaming media is not high quality.

Packet filtering firewalls work at the network levelof the OSI model, or the IP layer of TCP/IP. They are usuallypart of a router. Circuit level gateways workat the session layer of the OSI model, or the TCP layer of TCP/IP. They monitor TCP handshakingbetween packets to determine whether a requested session is legitimate. Information passed to remotecomputer through a circuit level gateway appears to have originated from the gateway.

Application levelgateways, also called proxies, are similar to circuit-level gateways except that they are applicationspecific. They can filter packets at the application layer of the OSI model. Incoming or outgoing packetscannot access services for which there is no proxy.

Stateful multilayer inspection firewalls combine theaspects of the other three types of firewalls. They filter packets at the network layer, determine whethersession packets are legitimate and evaluate contents of packets at the application layer. They allowdirect connection between client and host, alleviating the problem caused by the lack of transparency ofapplication level gateways.

Exercise 2

2.

Timbuktu

is a remote control software product developed by WOS Data

systems. Remote controlsoftware allows a user to control another computer across the local network or the Internet, viewing itsscreen and using its keyboard and mouse as if he or she were sitting in front of it. Timbuktu iscompatible with computers running both Mac OS X and Windows.

Case Exercises

1.

What is more efficient for the company? What is a better set up, subnet with bastion hosts?Ora screened subnet with proxy servers? How will that decision affect the way theyimplement application and web servers?

What type of security protection program does thecompany need?

2.

Cost versus maintaining high security for SLS; I think that in the long run maintaining highsecurity is more important than the cost. Not having high security can result in spendingmore money therefore cost versus maintaining high security I would choose a high securitybecause that is most important at this moment.